Presentation is loading. Please wait.

Presentation is loading. Please wait.

CMSC 414 Computer and Network Security Lecture 16 Jonathan Katz.

Similar presentations


Presentation on theme: "CMSC 414 Computer and Network Security Lecture 16 Jonathan Katz."— Presentation transcript:

1 CMSC 414 Computer and Network Security Lecture 16 Jonathan Katz

2 Public-key protocols  Server stores pk; user stores sk  Server sends R; user signs R –Using a secure signature scheme…  Is this secure? –Potential weaknesses –What if we had used encryption instead?  Can we achieve security against server compromise and eavesdropping without using public-key crypto?

3 Lamport’s hashing protocol  Server stores H n (pw); user sends H n-1 (pw) –Server updates user’s entry…  Can also add “salt” to hash –Can use same password on different sites –Protects against off-line attacks –Can use same password (but different salt) when password “expires”  Deployed as S/Key

4 Some attacks…  Secret expires…  No mutual authentication –“Small n” attack

5 Session key establishment  There are very few applications for which authentication alone is sufficient! –What do you do once you are authenticated?  Generally, need to establish a session key –Efficiency advantages to using symmetric-key techniques if public-key auth. is used –Advantages even if a symmetric key is already shared…

6 Session keys  Reduces effectiveness of cryptanalysis  If a key is compromised, only one conversation is affected  Prevents replay of messages from other conversations  Better security from un-trusted host

7 KDCs  Key Distribution Centers  Advantages of symmetric-key crypto, without O(n 2 ) keys –But requires a trusted intermediary –Single point of failure/attack

8 Multiple intermediaries  Can use multiple KDCs… –Can have all pairs of KDCs share a key –More likely, there will be a hierarchy of KDCs

9 Basic key exchange  Public-key based…  Diffie-Hellman key exchange –Not authenticated (yet)!


Download ppt "CMSC 414 Computer and Network Security Lecture 16 Jonathan Katz."

Similar presentations


Ads by Google